Overview
overview
10Static
static
1010.exe
windows10-2004-x64
1011.exe
windows10-2004-x64
1012.exe
windows10-2004-x64
1013.exe
windows10-2004-x64
1014.exe
windows10-2004-x64
1015.exe
windows10-2004-x64
1016.exe
windows10-2004-x64
1017.exe
windows10-2004-x64
1018.exe
windows10-2004-x64
1019.exe
windows10-2004-x64
1020.exe
windows10-2004-x64
1021.exe
windows10-2004-x64
1022.exe
windows10-2004-x64
1023.exe
windows10-2004-x64
1024.exe
windows10-2004-x64
1025.exe
windows10-2004-x64
1026.exe
windows10-2004-x64
1027.exe
windows10-2004-x64
1028.exe
windows10-2004-x64
1029.exe
windows10-2004-x64
1030.exe
windows10-2004-x64
1031.exe
windows10-2004-x64
1032.exe
windows10-2004-x64
1033.exe
windows10-2004-x64
106.exe
windows10-2004-x64
107.exe
windows10-2004-x64
108.exe
windows10-2004-x64
109.exe
windows10-2004-x64
10Behavioral task
behavioral1
Sample
10.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral2
Sample
11.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
12.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral4
Sample
13.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
14.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral6
Sample
15.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
16.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral8
Sample
17.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
18.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral10
Sample
19.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
20.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral12
Sample
21.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
22.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral14
Sample
23.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
24.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral16
Sample
25.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
26.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral18
Sample
27.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
28.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral20
Sample
29.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
30.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral22
Sample
31.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
32.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral24
Sample
33.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
6.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral26
Sample
7.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
8.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
Behavioral task
behavioral28
Sample
9.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
General
-
Target
9.zip
-
Size
7.1MB
-
MD5
cc0c1fc286b23351b6e0d9da08405a75
-
SHA1
b63dfec8dea9b62880a23f1fa4467ccb6360d5b4
-
SHA256
7e14eac3878e56172746c4ce61a41938ee6ddb571721682db462d31e8810a0c9
-
SHA512
e6835001e40be0a799e35863c3bfc5e132f6ad8cb121106fb4ffaf2b66ec7d8f58fc058dcc06f1b3d704753e188b4b6cebfd355d8d150573fa3f98b9b739b47a
-
SSDEEP
98304:gRC+gZwy40ywa6RYS1X/LywlxA3tCrtm1r4jXyw8Z9zdOmOwywim:8wa6RMwAotm1FwUaRwn
Malware Config
Extracted
remcos
RemoteHost
core-hook.gl.at.ply.gg:7242
-
audio_folder
MicRecords
-
audio_record_time
5
-
connect_delay
0
-
connect_interval
1
-
copy_file
scvhost.exe
-
copy_folder
files
-
delete_file
true
-
hide_file
true
-
hide_keylog_file
false
-
install_flag
true
-
keylog_crypt
false
-
keylog_file
logs.dat
-
keylog_flag
false
-
keylog_folder
remcos
-
mouse_option
false
-
mutex
Rmc-HRUGRQ
-
screenshot_crypt
false
-
screenshot_flag
false
-
screenshot_folder
Screenshots
-
screenshot_path
%AppData%
-
screenshot_time
10
-
startup_value
scvhost
-
take_screenshot_option
false
-
take_screenshot_time
5
Signatures
-
Remcos family
-
Unsigned PE 28 IoCs
Checks for missing Authenticode signature.
resource unpack001/10.exe unpack001/11.exe unpack001/12.exe unpack001/13.exe unpack001/14.exe unpack001/15.exe unpack001/16.exe unpack001/17.exe unpack001/18.exe unpack001/19.exe unpack001/20.exe unpack001/21.exe unpack001/22.exe unpack001/23.exe unpack001/24.exe unpack001/25.exe unpack001/26.exe unpack001/27.exe unpack001/28.exe unpack001/29.exe unpack001/30.exe unpack001/31.exe unpack001/32.exe unpack001/33.exe unpack001/6.exe unpack001/7.exe unpack001/8.exe unpack001/9.exe
Files
-
9.zip.zip
-
10.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
11.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
12.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
13.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
14.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
15.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
16.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
17.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
18.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
19.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
20.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
21.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
22.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
23.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
24.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
25.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
26.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
27.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
28.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
29.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
30.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
31.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
32.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
33.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
6.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
7.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
8.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
9.exe.exe windows:5 windows x86 arch:x86
5d354883fe6f15fcf48045037a99fb7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileW
CreateMutexA
GetLocaleInfoA
CreateToolhelp32Snapshot
OpenMutexA
Process32NextW
Process32FirstW
VirtualProtect
SetLastError
VirtualFree
VirtualAlloc
GetNativeSystemInfo
HeapAlloc
GetProcessHeap
FreeLibrary
IsBadReadPtr
GetTempPathW
OpenProcess
lstrcatW
GetCurrentProcessId
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GetTickCount
GlobalUnlock
WriteProcessMemory
ResumeThread
GetThreadContext
ReadProcessMemory
CreateProcessW
SetThreadContext
LocalAlloc
GlobalFree
MulDiv
SizeofResource
SetFilePointer
FindResourceA
LockResource
LoadResource
LocalFree
FormatMessageA
AllocConsole
GetModuleFileNameA
lstrcpynA
QueryPerformanceFrequency
GetLongPathNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
GetACP
GetStdHandle
GetModuleHandleExW
MoveFileExW
RtlUnwind
RaiseException
LoadLibraryExW
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
GetFileSize
TerminateThread
GetLastError
SetFileAttributesW
GetModuleHandleA
RemoveDirectoryW
MoveFileW
CreateDirectoryW
SetFilePointerEx
GetLogicalDriveStringsA
DeleteFileW
DeleteFileA
GetFileAttributesW
FindClose
lstrlenA
GetDriveTypeA
FindNextFileW
GetFileSizeEx
FindFirstFileW
ExitProcess
GetProcAddress
LoadLibraryA
CreateProcessA
PeekNamedPipe
CreatePipe
TerminateProcess
ReadFile
HeapFree
HeapCreate
CreateEventA
GetLocalTime
CreateThread
SetEvent
CreateEventW
WaitForSingleObject
Sleep
GetModuleFileNameW
CloseHandle
ExitThread
CreateFileW
WriteFile
QueryPerformanceCounter
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WaitForSingleObjectEx
ResetEvent
SetEndOfFile
user32
CallNextHookEx
GetKeyboardLayoutNameA
GetKeyState
GetWindowTextLengthW
GetWindowThreadProcessId
SetForegroundWindow
SetClipboardData
EnumWindows
ExitWindowsEx
TranslateMessage
DispatchMessageA
GetMessageA
GetWindowTextW
wsprintfW
GetClipboardData
UnhookWindowsHookEx
GetForegroundWindow
ToUnicodeEx
GetKeyboardLayout
SetWindowsHookExA
CloseClipboard
OpenClipboard
GetKeyboardState
DrawIcon
GetSystemMetrics
GetIconInfo
SystemParametersInfoW
GetCursorPos
RegisterClassExA
AppendMenuA
mouse_event
CreateWindowExA
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
EnumDisplaySettingsW
SendInput
CloseWindow
EmptyClipboard
ShowWindow
SetWindowTextW
MessageBoxW
IsWindowVisible
gdi32
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA
GetObjectA
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameW
RegEnumKeyExA
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
OpenSCManagerA
ControlService
StartServiceW
QueryServiceConfigW
ChangeServiceConfigW
OpenServiceW
EnumServicesStatusW
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyA
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyA
shell32
ShellExecuteExA
Shell_NotifyIconA
ExtractIconA
ShellExecuteW
shlwapi
StrToIntA
PathFileExistsW
PathFileExistsA
winmm
waveInPrepareHeader
waveInStop
waveInUnprepareHeader
mciSendStringA
PlaySoundW
waveInOpen
waveInStart
waveInAddBuffer
waveInClose
mciSendStringW
ws2_32
WSAGetLastError
recv
connect
socket
send
WSAStartup
closesocket
inet_ntoa
gethostbyname
WSASetLastError
inet_addr
gethostbyaddr
getservbyport
ntohs
getservbyname
htons
htonl
urlmon
URLDownloadToFileW
URLOpenBlockingStreamW
gdiplus
GdiplusStartup
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipGetImageEncodersSize
GdipSaveImageToStream
GdipLoadImageFromStream
wininet
InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW
Sections
.text Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ